Internet Security Alliance and American National Standards Institute Announce New Collaboration for Improving Information Security

New York, Sep 15, 2006

The Internet Security Alliance (ISAlliance) and the American National Standards Institute (ANSI) announced today a joint program to provide business leaders with practical tools for managing information security. The collaboration was prompted by rising sentiment that not enough is being done by either government or industry to provide adequate response to rapidly increasing information security threats.

Cyber-crime is now at the forefront of growing illegal activity in the United States, rising nearly 4000% since 1997. Economic loss to companies suffering cyber attacks is now estimated to be as much as 5% of stock price. Equally important is the consumer perspective—nearly 20 million Americans have been victimized by identity theft in the past two years.

“Information security is complex,” says Ken Silva, chairman of the ISAlliance and chief information security officer at Verisign. “Every company needs useful tools for managing the security of their data transactions – from outsourcing and payment processing, to supply chain management and customer services.”

INCITS/ISO/IEC 17799:2005 - Code of Practice for Information Security Management
(developed internationally and subsequently adopted as an American National Standard)

Contracting for Information Security in Commercial Transactions: An Introductory Guide

“We are pleased to partner with ANSI to offer businesses better tools for managing the risks of information security in a wired world,” observed Larry Clinton, ISAlliance executive director.

Clinton continued: “Our organizations are working together with the information security management community to develop resources and standards-based solutions that will help to protect the Internet and global information systems.”

The Code of Practice for Information Security Management was developed for global implementation by a joint committee of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC); its subsequent adoption as an American National Standard was sponsored by the InterNational Committee for Information Technology Standards (INCITS).